Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
40
GitHub Actions
40
Go
2,974
Maven
5,000+
npm
4,621
NuGet
788
pip
4,317
Pub
12
RubyGems
984
Rust
1,131
Swift
49
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

138,502 advisories

Loading
The personal-authors-category plugin for WordPress is vulnerable to Reflected Cross-Site... Moderate Unreviewed
CVE-2026-1754 was published Feb 14, 2026
The AMP Enhancer – Compatibility Layer for Official AMP Plugin for WordPress is vulnerable to... Moderate Unreviewed
CVE-2026-2027 was published Feb 14, 2026
The Simple Wp colorfull Accordion plugin for WordPress is vulnerable to Stored Cross-Site... Moderate Unreviewed
CVE-2026-1904 was published Feb 14, 2026
The Citations tools plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ... Moderate Unreviewed
CVE-2026-1912 was published Feb 14, 2026
The Appointment Booking Calendar Plugin – Bookr plugin for WordPress is vulnerable to... Moderate Unreviewed
CVE-2026-1932 was published Feb 14, 2026
The Easy Voice Mail plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ... Moderate Unreviewed
CVE-2026-1164 was published Feb 14, 2026
The SEATT: Simple Event Attendance plugin for WordPress is vulnerable to Cross-Site Request... Moderate Unreviewed
CVE-2026-1983 was published Feb 14, 2026
The WP Last Modified Info plugin for WordPress is vulnerable to Insecure Direct Object Reference... Moderate Unreviewed
CVE-2025-14608 was published Feb 14, 2026
The BFG Tools – Extension Zipper plugin for WordPress is vulnerable to Path Traversal in all... Moderate Unreviewed
CVE-2025-13681 was published Feb 14, 2026
The StickEasy Protected Contact Form plugin for WordPress is vulnerable to Sensitive Information... Moderate Unreviewed
CVE-2025-13973 was published Feb 14, 2026
The Easy Form Builder plugin for WordPress is vulnerable to unauthorized access of data due to a... Moderate Unreviewed
CVE-2025-14067 was published Feb 14, 2026
A cross-site scripting (XSS) vulnerability in the item management and sales invoice function of... Moderate Unreviewed
CVE-2025-70095 was published Feb 13, 2026
A vulnerability has been identified where weak file permissions in the Nessus Agent directory on... Moderate Unreviewed
CVE-2026-2026 was published Feb 13, 2026
A cross-site scripting (XSS) vulnerability in the Generate Item Barcode function of OpenSourcePOS... Moderate Unreviewed
CVE-2025-70094 was published Feb 13, 2026
Local privilege escalation in Genetec Sipelia Plugin. An authenticated low-privileged Windows... Moderate Unreviewed
CVE-2025-1790 was published Feb 13, 2026
An issue in IObit Unlocker v1.3.0.11 allows attackers to cause a Denial of Service (DoS) via a... Moderate Unreviewed
CVE-2025-66676 was published Feb 13, 2026
A cross-site scripting (XSS) vulnerability in the Customers function of OpenSourcePOS v3.4.1... Moderate Unreviewed
CVE-2025-70091 was published Feb 13, 2026
HP App for Android is potentially vulnerable to cross-site scripting (XSS) when using an outdated... Moderate Unreviewed
CVE-2026-1578 was published Feb 13, 2026
A flaw was identified in libsoup, a widely used HTTP library in GNOME-based systems. When... Moderate Unreviewed
CVE-2026-2443 was published Feb 13, 2026
A vulnerability has been found in Vnet/IP Interface Package provided by Yokogawa Electric... Moderate Unreviewed
CVE-2025-48020 was published Feb 13, 2026
A vulnerability has been found in Vnet/IP Interface Package provided by Yokogawa Electric... Moderate Unreviewed
CVE-2025-48021 was published Feb 13, 2026
A vulnerability has been found in Vnet/IP Interface Package provided by Yokogawa Electric... Moderate Unreviewed
CVE-2025-48019 was published Feb 13, 2026
A vulnerability has been found in Vnet/IP Interface Package provided by Yokogawa Electric... Moderate Unreviewed
CVE-2025-48022 was published Feb 13, 2026
A vulnerability has been found in Vnet/IP Interface Package provided by Yokogawa Electric... Moderate Unreviewed
CVE-2025-48023 was published Feb 13, 2026
The RegistrationMagic WordPress plugin before 6.0.7.2 checks nonces but not capabilities,... Moderate Unreviewed
CVE-2025-15520 was published Feb 13, 2026
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database